Hello,
I am trying to add support for TLS-PSK in async-http-client package.
I have tested both Transport Services and swift-nio-ssl implementation by switching the HTTPClient.EventLoopGroupProvider.
Neither implementation was working in my case for different reason.
First transport services implementation:
It seems by reading the TLSConfiguration.swift file and TLSConfiguration.getNWProtocolTLSOptions implementation that PSK is not supported.
I attempt to add support for it but IFAIK Network framework needs to know before launching the TLS handshake the list of identity + PSK.
But async-http-client provide a callback to request an identity + PSK by using the server hint. This approach doesn't seem compatible.
Second the swift-nio-ssl implementation:
In my case the server is not sending any hint.
So in SSLContext.swift the clientPSKCallback method is exiting early at line 183 when it is not possible to construct the hint to pass it to the client callback.
// If set, build out a hint to pass into the client callback.
guard let clientHint = hint,
let derivedHint = String(validatingUTF8: clientHint) else {
return 0
}
My understanding is that the server hint is not mandatory and the client should decide what to do in its absence.
Any guidance on how to pursue ? Did I miss something ?
Thanks